docker 在Oracle Linux7 安装与配置

1 前提条件检查：
/docker/rpm 

[root@docker rpm]# ls -l 

总用量 6468 

-rw-r--r--. 1 root root 6592612 1月 24 01:10 docker-engine-1.8.3-1.0.2.el7.x86_64.rpm 

-rw-r--r--. 1 root root 28292 1月 24 01:10 docker-engine-selinux-1.8.3-1.0.2.el7.noarch.rpm 

[root@docker rpm]# rpm -uname ^C 

[root@docker rpm]# 

[root@docker rpm]# uname -a 

Linux docker 3.8.13-98.7.1.el7uek.x86_64 #2 SMP Wed Nov 25 13:51:41 PST 2015 x86_64 x86_64 x86_64 GNU/Linux 

[root@docker rpm]# sudo grep device-mapper /proc/devices 

252 device-mapper 

[root@docker rpm]# 

[root@docker rpm]# ls -l /sys/class/misc/device-mapper/ 

总用量 0 

-r--r--r--. 1 root root 4096 1月 24 01:13 dev 

drwxr-xr-x. 2 root root 0 1月 24 01:13 power 

lrwxrwxrwx. 1 root root 0 1月 24 00:19 subsystem -> ../../../../class/misc 

-rw-r--r--. 1 root root 4096 1月 23 20:48 uevent 

[root@docker rpm]# 

[root@docker rpm]#

Oracle Linux 

2  Oracle Linux7 rpm 包docker安装

1.83版本需要 提前安装selinux rpm包

sudo rpm -ivh docker-engine-selinux-1.8.3-1.0.2.el7.noarch.rpm 
sudo rpm -ivh docker-engine-1.8.3-1.0.2.el7.x86_64.rpm

[root@docker rpm]# systemctl start docker 

[root@docker rpm]# 

[root@docker rpm]# 

[root@docker rpm]# systemctl enable docker 

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

3 基本信息查看

参考Oracle官方文档： http://docs.oracle.com/cd/E52668_01/E54669/html/section_kfy_f2z_fp.html
1.83 docker主要检查如下几个配置及注意事项：

 
     如果使用代理服务器，配置代理服务器

To configure web proxy networking options, create the drop-in file 

/etc/systemd/system/docker.service.d/http-proxy.conf

 that
contains the following lines:

[Service]
Environment="HTTP_PROXY=[code]proxy_URL

:

port

"
Environment="HTTPS_PROXY=

proxy_URL

:

port

"[/code]

Replace 

proxy_URL

 and 

port

 with
the appropriate URLs and port numbers for your web proxy.

配置ipv6

To configure IPv6 support in version 1.5 and later of Docker, create the drop-in file 

/etc/systemd/system/docker.service.d/docker-network.conf

 so
that the definition of 

OPTIONS

 includes the --ipv6 option,
for example:

[Service]
Environment="OPTIONS=$OPTIONS \"--ipv6\""

With IPv6 enabled, Docker assigns the link-local IPv6 address 

fe80::1

 to
the bridge 

docker0

.

If you want Docker to assign global IPv6 addresses to containers, additionally specify the IPv6 subnet to the 

--fixed-cidr-v6

 option,
for example:

[Service]
Environment="OPTIONS=$OPTIONS \"--ipv6 --fixed-cidr-v6='2001:db8:1::/64'\""

For more information about configuring Docker networking, see https://docs.docker.com/articles/networking/.

使用btrf格式的存储需要关闭selinux

To be able to use the btrfs storage engine with Docker on Oracle Linux 7, you must either set the SELinux mode to Permissive or disable SELinux altogether.

To set the current SELinux mode to 

Permissive

, enter:

# [code]setenforce Permissive

[/code]

This setting does not persist across reboots. To configure the default SELinux mode, edit 

/etc/selinux/config

 and
set the value of the 

SELINUX

 directive to 

disabled

 or 

permissive

.

To disable SELinux:

Edit 

/etc/selinux/config

 and set the value of the 

SELINUX

 directive
to 

disabled

.

Reboot the system.

# [code]systemctl reboot

[/code]

A bug in Docker version 1.8 prevents Docker from starting if both SELinux and 

firewalld

 are
enabled.

The workaround is to disable either SELinux or 

firewalld

. If you do not disable SELinux to use the btrfs storage
engine with Docker, disable 

firewalld

. If you require a system firewall, you can use 

iptables

 and 

ip6tables

 instead
of 

firewalld

.

To stop and disable 

firewalld

, enter the following commands:

根据以往案例bug，建议关闭防火墙和selinux

# [code]systemctl stop firewalld

#

systemctl disable firewalld

[/code]

如果不关闭disable selinux 请安装如下

If you do not disable SELinux, install the 

selinux-policy-targeted

 package.

# [code]yum install selinux-policy-targeted

[/code]

开机启动docker

Start the 

docker

 service and configure it to start at boot time.

# [code]systemctl start docker

#

systemctl enable docker

ln -s '/etc/systemd/system/docker.service' \
'/etc/systemd/system/multi-user.target.wants/docker.service'[/code]

Note

If you have installed the 

mlocate

 package, it is recommended
that you modify the 

PRUNEPATHS

 entry in 

/etc/updatedb.conf

 to
prevent updatedb from indexing directories below 

/var/lib/docker

,
for example:

PRUNEPATHS="/media /tmp /var/lib/docker /var/spool /var/tmp"

This entry prevents locate from reporting files that belong to Docker containers.

To check that the 

docker

 service is running, use the following
command:

# [code]systemctl status docker

docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled)
Drop-In: /etc/systemd/system/docker.service.d
└─docker-sysconfig.conf, http-proxy.conf, var-lib-docker-mount.conf
Active: active (running) since Fri 2015-09-11 07:30:56 AEST; 700ms ago
Docs: https://docs.docker.com Main PID: 2711 (docker)
CGroup: /system.slice/docker.service
└─2711 /usr/bin/docker daemon -H fd:// --ipv6 --fixed-cidr-v6='2001:db8:1::/64'
...[/code]

You can also use the docker command to display information about the configuration
and version of the Docker Engine, for example:

# [code]docker info

Containers: 0
Images: 6
Storage Driver: btrfs
Execution Driver: native-0.2
Kernel Version: 3.8.13-35.3.1.el7uek.x86_64
Operating System: Oracle Linux Server 7.0

#

docker version

Client version: 1.3.3
Client API version: 1.15
Go version (client): go1.3.3
Git commit (client): 4e9bbfa/1.3.3
OS/Arch (client): linux/amd64
Server version: 1.3.3
Server API version: 1.15
Go version (server): go1.3.3
Git commit (server): 4e9bbfa/1.3.3[/code]

配置代理

To configure 

docker

 service options, edit the legacy docker
configuration file 

/etc/sysconfig/docker

 or create a drop-in
file in 

etc/systemd/system/docker.service.d

.

For example, you could define the web-proxy settings in the file 

/etc/systemd/system/docker.service.d/http-proxy.conf

:

[Service]
Environment="HTTP_PROXY=[code]proxy_URL

:

port

"
Environment="HTTPS_PROXY=

proxy_URL

:

port

"[/code]